AYS Dialog adds slashes to quotes

[markjaquith]

Post forms that go through the AYS dialog get an extra round of slashes. For instance, editing a comment turns

I'm going home.

Into:

I\'m going home

This is for version 2.0.3

Patch for 2.0.3 (branches/2.0)

Patch changes the hidden inputs to hidden textareas. That way, we don't need to escape slashes.

The AYS should be designed to work in all manner of strange browsers (mobile, etc.). Can we depend on everything to deal with the CSS?

I don't understand why can't we just stripslashes the hidden field value.

This isn't a problem in trunk, but I don't see the difference. Do you?

Alternative patch that stripslashes_deep $_POST. Think that'll work?

(In [3833]) Strip extra slashes from _POST when doing nonce AYS. Props MarkJaquith and mdawaffe. fixes #2761

(In [3834]) Strip extra slashes from _POST when doing nonce AYS. Props MarkJaquith and mdawaffe. fixes #2761

Hopefully that will get it. Please confirm.

Just tested Ryan's patch, and it works.

I tested by editing /wp-admin/post.php and purposely mismatching the nonce keys.

And mdawaffe, yeah, you're right. I was really tired when I wrote that. Single quotes are already converted to HTML entities, so there's no problem sticking it in a hidden input.

How do us plebs apply this patch? Could someone provide an updated version of the file for 2.0.3?

The plebs should just use this plugin that I made:

​http://txfx.net/code/wordpress/wordpress-203-tuneup/